commit 51d18aeb425ba5127d8c68f386f3c58b5bbc38e1
Author: Nick Mathewson nickm@torproject.org
Date: Wed Sep 23 11:30:17 2015 -0400

changes file and manpage entry for AuthDirPinKeys
---
 changes/bug17135 | 7 +++++++
 doc/tor.1.txt | 7 +++++++
 2 files changed, 14 insertions(+)
diff --git a/changes/bug17135 b/changes/bug17135 new file mode 100644 index 0000000..0a0c57e --- /dev/null +++ b/changes/bug17135 @@ -0,0 +1,7 @@ + o Major features (Ed25519 keys, keypinning) + - The key-pinning option on directory authorities is now + advisory-only by default. In a future version, or when the + AuthDirPinKeys option is set, pins are enforced again. + Disabling key-pinning seemed like a good idea so that we can + survive the fallout of any usability problems associated with + ed25519 keys. Closes ticket 17135. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 14b13bc..954c8fa 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2081,6 +2081,13 @@ on the public Tor network. or more is always sufficient to satisfy the bandwidth requirement for the Guard flag. (Default: 250 KBytes)
+[[AuthDirPinKeys]] **AuthDirPinKeys** **0**|**1**:: + Authoritative directories only. If non-zero, do not allow any relay to + publish a descriptor if any other relay has reserved its <Ed25519,RSA> + identity keypair. In all cases, Tor records every keypair it accepts + in a journal if it is new, or if it differs from the most recently + accepted pinning for one of the keys it contains. (Default: 0) + [[BridgePassword]] **BridgePassword** __Password__:: If set, contains an HTTP authenticator that tells a bridge authority to serve all requested bridge information. Used by the (only partially
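Review bot: In changes/bug17135 the entry describes the same change two ways: the first sentence says key-pinning is "advisory-only by default", while the rationale says "Disabling key-pinning seemed like a good idea". The manpage text in this commit says pins are still recorded in the journal in all cases, so "disabling" overstates it. Suggest wording the rationale as making enforcement optional, and adding one clause that pins are still recorded when AuthDirPinKeys is 0, so an authority operator reading the changelog knows what advisory-only leaves in place. It may also be worth reconsidering the "Major features" heading, since the entry relaxes a default rather than adding a capability.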
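Review bot: In the doc/tor.1.txt hunk, the AuthDirPinKeys entry only states the non-zero behaviour and never says what an authority does with a conflicting descriptor at the default of 0. From "In all cases, Tor records every keypair it accepts in a journal" a reader has to infer that the descriptor is accepted and the pin is replaced; say so explicitly. The conflict condition is also ambiguous: "if any other relay has reserved its <Ed25519,RSA> identity keypair" reads as if the whole pair must match, whereas the next sentence ("differs from the most recently accepted pinning for one of the keys it contains") implies a conflict is one key reappearing with a different partner. Suggest stating the condition in those terms. Finally, the changes file says enforcement returns "in a future version"; noting here that the default is expected to change would keep the manpage consistent with it.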
tor-commits@lists.torproject.org